CVE-2023-7047

Inadequate validation of permissions when employing remote tools and macros via the context menu within Devolutions Remote Desktop Manager versions 2023.3.31 and earlier permits a user to initiate a connection without proper execution rights via the remote tools feature. This affects only SQL data sources.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:*:*:*:*

History

29 Oct 2024, 17:35

Type Values Removed Values Added
CWE CWE-863

04 Jan 2024, 18:37

Type Values Removed Values Added
First Time Microsoft windows
Microsoft
Devolutions remote Desktop Manager
Devolutions
CWE NVD-CWE-noinfo
References () https://devolutions.net/security/advisories/DEVO-2023-0024/ - () https://devolutions.net/security/advisories/DEVO-2023-0024/ - Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 4.4
CPE cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:*:*:*:*

21 Dec 2023, 18:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-12-21 15:15

Updated : 2024-10-29 17:35


NVD link : CVE-2023-7047

Mitre link : CVE-2023-7047

CVE.ORG link : CVE-2023-7047


JSON object : View

Products Affected

microsoft

  • windows

devolutions

  • remote_desktop_manager
CWE
NVD-CWE-noinfo CWE-863

Incorrect Authorization